May 24, 2004

CLI magic: network tools, can you dig it?

Author: Joe Barr

This week we're going to take a look at three command line tools which can sometimes help resolve Internet connectivity issues. But first, you lazy louts, you have to get up out of that comfortable but mind-numbing GUI hammock you've been napping in and exercise your typing fingers. If you need additional motivation to break your GUI addiction, consider the fact that Microsoft recently patented the act of double-clicking your rodent. Enough said.


The typical home user connects to the Internet with a dynamically assigned IP address. Assignment of these temporary IP addresses is automated thanks to something called DHCP: Dynamic Host Configuration Protocol. What that means in practical terms is that the IP address that identifies you on the Internet today may point at someone else tomorrow. So if you have a dynamically assigned IP address and set up a server of some kind on the Internet, users who access it today might not be able to find it tomorrow.

Some broadband users may have the same dynamic IP address for months at a time. Many dialup users never get the same one twice. But neither can count on having the same address the next time they connect to the Internet.

Sites with static IP addresses rarely have their IP addresses changed. Not only does the IP address remain the same, a registered domain name can be tied to the IP address. That means that when your browser sets off in search of the home page, it finds the right one. Behind the scenes, a domain name server (DNS) has translated the domain name into an IP address.

Do you know your IP address?

The ifconfig command is used to configure a network interface. We're not going there, we're just going to use it tell tell us what our IP address is by entering the following at the console as follows:

/sbin/ifconfig eth0

The first line of the response tells me the physical address of my Ethernet card (shown as the HWaddr). The second line tells me my IP address, which is the information I was looking for.
There is plenty of additional information shown, but we're simply going to ignore it for now.

Do you know their IP address?

Let's move on to a more interesting command in our search for knowledge of the Internet as she is spoken one machine to another. The command is dig, and it's a doozie. With it we can learn not only the IP addresses of domain names we ask about, we can learn the IP addresses of the domain name servers we're using. This can be handy information when you're having DNS problems.

Start by entering a naked dig command at the console. The response will give you almost a page full of information, but I'm only interested in the last four lines. They look like this on my system:

;; Query time: 15 msec
;; WHEN: Sun May 23 15:03:50 2004
;; MSG SIZE rcvd: 244

The SERVER line tells me the address of the DNS server answering my query. Since Time Warner RoadRunner is my ISP, it's no surprise that the DNS address listed is one of their servers.

Sometimes I add a WAP (Wireless Access Point) to the mix so I can take my laptop out on the desk and surf the net from there. When I do, my local configuration changes considerably.

The WAP talks directly to the cable modem. The cable modem asks my ISP for an IP address whenever it is powered on or reset. That's the IP address the Internet knows me by in either case. But the WAP talks to my machines using private addresses which the rest of the world doesn't see. And when I run dig while it's in place, the SERVER address shown is no longer the RoadRunner DNS machine, but the WAP itself.

When I take the laptop out on the deck this evening and power on, the WAP will assign it a private address as well. It will use that address to route all traffic to and from the laptop and another private address to handle traffic to and from the desktop.

Can you hear me now?

How do you know when you're having DNS problems? I mean, if you're unable to get to your favorite website, how do you know if it's you or the website, or something else altogether causing the problem? ping and dig can help answer that question.

Let's say that your browser tells you http://www.somesite.tld is unreachable. Just to be sure, try to ping it by name first. If it works, then the host is there, even if the Web server isn't responding.

If ping by name doesn't work, try pinging by IP address. If you don't know what the IP address is, use dig to find it. Once you have it, ping the IP address. If that works, you know you have DNS problems, because it's clearly a case of the domain name not being correctly translated to an IP address.

I have it on very good authority from a friend of mine that sometimes, with some WAPs, all it takes clear those DNS problems up is to power them on and off. I know, it's kind of a Windows fix, but hey, sometimes it works.

As always, remember to use man to learn more about these tools. As in man ifconfig, man dig, and man ping.

Click Here!